Ambassador Pro 0.5:
2 days ago, ambassador

Ambassador Pro 0.5: Identity-Aware Proxy for Kubernetes, support for Azure AD and Google Identity PlatformToday, we’re thrilled to announce Ambassador Pro 0.5, a major release of the enterprise version of the Ambassador API Gateway. This release enables Ambassador to function as a sophisticated Identity Aware Proxy as part of the implementation of a Zero Trust security architecture on Kubernetes.Zero Trust SecurityIn the traditional network-oriented security model, trust is assumed by your netwo...

Webinar Recap: Secure Routing and Traffic Management with Ambassador Consul
5 days ago, ambassador

Webinar Recap: Secure Routing and Traffic Management with Ambassador & ConsulRecently, our Product Architect Daniel Bryant presented a webinar with Nic Jackson, Developer Advocate at Hashicorp, where they talked about Ambassador’s integration with Consul. We’ve written on the blog before about how you can use the Ambassador & Consul integration to route all traffic to a data center no matter where your application is running.In this webinar, Daniel & Nic discussed and demonstrated how to secure ...

Case Study: Handshake
1 week ago, ambassador

Can you tell us about yourself and what your company does?I’m Scott Ringwelski, Co-founder and CTO of Handshake. Handshake is a platform to help students from all backgrounds find meaningful careers. We started Handshake in 2014 when we discovered a massive opportunity gap in the college job search. Since then, the Handshake team has grown to over 150 employees, has partnered with more than 800 colleges and universities across the country, and 4 million students.What was your pre-Ambassador stra...

Ambassador 0.72
1 week ago, ambassador

Ambassador 0.72: Updated Envoy & bug fixesWe’re releasing Ambassador 0.72 today. This update includes:We’ve updated our Envoy base version. We’re rebasing on a more regular schedule, and this rebase takes us to a new version of Envoy post-1.10 (commit 8f57f7d765939552a999721e8dac9b5a9a5cbb8b).Properly forward the request body to the external authorization service when include_body is specified (#1595, #1531). This was a regression in Envoy 1.10.Ambassador works with read-only root filesystems (#...

Experimenting with a Serverless Service Mesh, with Ambassador on Google Cloud Run
2 weeks ago, ambassador

Ambassador is an easy-to-use API Gateway that I believe allows you to form a new kind of service mesh architecture in an on-demand “serverless” fashion.You didn’t read this wrong. I think this could be a “serverless service mesh”.Combining the power of Ambassador API Gateway and Google Cloud Run, you can run the entire service mesh layer of your applications using serverless technology. This means that you will be billed per request by the Google Cloud.Several weeks ago, Google announced a new s...

Ambassador 0.71: GZIP, better diagnostics, and more
2 weeks ago, ambassador

We’re releasing Ambassador 0.71, an incremental release on Ambassador 0.70. Ambassador 0.71:Adds GZIP support (#744).Adds support for showing active Resolvers to the diagnostics UI (#1453)Adds CRDs for resolvers (#1563).Resolvers with customer names work, even as CRDs (#1497).The /metrics endpoint provides direct access to Prometheus-format stats. Thanks to Rotem Tamir.statsd-exporter now correctly defaults to port 8125. Thanks to Jonathan Suever.redirect_cleartext_from no longer strips the URL ...

Using Knative with Ambassador
3 weeks ago, ambassador

Knative is a popular Kubernetes-based platform for managing serverless workloads. At KubeCon EU, a number of the Knative team demonstrated the integration of the Ambassador API gateway with Knative, replacing Istio and potentially reducing the operational overhead of running the framework. This blog post provides instructions for you to recreate this demo.body[data-twttr-rendered="true"] {background-color: transparent;}.twitter-tweet {margin: auto !important;}The @KnativeProject introducing Duck...

KubeCon EU 2019: Top 10 Takeaways
3 weeks ago, ambassador

The Datawire team and I have returned home from an awesome time last week where we attended KubeCon and CloudNativeCon in Barcelona. Together, we were part of six talks at KubeCon, staffed a packed booth with amazing T-shirts (if I do say so myself!), spoke to dozens of community members, and attended some fantastic talks. As there was so much goodness on offer at KubeCon EU, I’ve tried to summarise some of my key observations in this blog post.In no particular order, here are my top ten takeawa...

Announcing Ambassador 0.70: App Modernization beyond Kubernetes
1 month ago, ambassador

Announcing Ambassador 0.70: Application Modernization beyond KubernetesAmbassador is one of the most popular API Gateways for Kubernetes users. But what if you’re just starting to move to Kubernetes?Today, we’re announcing general availability of Ambassador 0.70. Ambassador 0.70 enables organization to accelerate their application modernization efforts faster than ever before. 0.70:Simplifies management. Building on the declarative configuration model introduced in Ambassador 0.11, Ambassador 0....

Catching up with Ambassador at KubeCon & CloudNativeCon Europe
1 month ago, ambassador

Where to Find the Ambassador Community at KubeCon & CloudNativeCon EuropeWe’re packing our bags and getting excited to head to Barcelona next week for KubeCon EU! If you’ll be attending KubeCon EU as well, here are a few places you can find members and friends of the Ambassador Community:Building an Edge Control Plane with Kubernetes and Envoy — Flynn, Lead Developer, Ambassador @ Datawire: Wednesday 5/22/19 14:50–15:25The Envoy Proxy is fast becoming ubiquitous as the universal data plane API f...

A brief retrospective of Ambassador and Envoy releases
1 month ago, ambassador

Ambassador has rapidly evolved as an API Gateway over the past two years of the project. In recognition of the two year anniversary of Ambassador, here’s a a summary of the evolution of Ambassador. (You’ll also note that our versioning scheme early on was fairly haphazard.)March 31, 2017: 0.1.3The first release of Ambassador was built on an early release of Envoy Proxy, and exposed its functionality through REST APIs. PostgreSQL was used for persisting configuration data.April and May 2017April ...

Ambassador Turns Two- Architecture Updates, New Features, Integrations, and an Awesome Community!
1 month ago, ambassador

Today, Ambassador turns 2 years old! In celebration of Ambassador’s birthday, we wanted to take this opportunity to look back at how Ambassador has grown over the last year. But first, here’s a snapshot of where we are today:1,800+ GitHub Stars1,500+ Slack members80 ContributorsArchitecture — Ambassador 0.50In January, we announced Ambassador 0.50 which included a major re-architecture of Ambassador under the hood that added support for the Envoy Proxy v2 API and used the Aggregate Discovery Ser...

Ambassador 0.61: Circuit breakers, automatic retries, and more
1 month ago, ambassador

We’re excited to announce Ambassador 0.61. Building on the endpoint routing support, Ambassador 0.61:Adds support for circuit breakers.Supports automatic retries. Thanks to @l1v3 for the initial patch.Support for weighted shadowing. Thanks to Giovanni Gargiulo.Support for HTTP/1.0. Thanks to Matthew Ceroni.Support for setting minimum TLS version.Previously add_request_headers and add_response_headers could only append to a set of existing headers. Now, these two annotations can overwrite existin...

Ambassador 0.60.2 Maintenance Release
1 month ago, ambassador

Ambassador 0.60.2 is now available. This release fixes a number of issues reported by the community. In particular, in 0.60, we introduced endpoint routing as a default configuration, and there were several performance regressions related to these changes. In 0.60.1 (a very short-lived release) and 0.60.2, we have resolved these issues. Special thanks to Derrick Burns, Steve Flanders, Petr Jediný, Seandon Mooy, and Vaibhan Nagpal for reporting and testing fixes for the issues.0.60.2 changesAmbas...

Ambassador 0.60: Consul, service mesh, timeouts, and more
2 months ago, ambassador

Today, we’re announcing Ambassador 0.60. With this release, Ambassador can serve as your centralized API Gateway or ingress for your entire data center, and not just Kubernetes. Specifically, Ambassador 0.60 includes:Native Consul support. Ambassador can now route to any Consul service based on endpoint information supplied by Consul.Direct L7 load balancing. Ambassador can bypass the L4 kube-proxy load balancing, and route directly to Consul endpoints or Kubernetes pods using the round robin, r...

Load balancing strategies in Kubernetes: L4 round robin, L7 round robin, ring hash, and more
2 months ago, ambassador

Load balancing is the process of efficiently distributing network traffic among multiple backend services, and is a critical strategy for maximizing scalability and availability. In Kubernetes, there are a variety of choices for load balancing external traffic to pods, each with different tradeoffs.L4 Round Robin Load Balancing with kube-proxyIn a typical Kubernetes cluster, requests that are sent to a Kubernetes Service are routed by a component named kube-proxy. Somewhat confusingly, kube-prox...

Pre-Processing, Augmenting, and Transforming User Ingress Requests: Using Filters in Ambassador Pro
2 months ago, ambassador

In early March we announced the launch of request Filters and Filter Policies for the Ambassador Pro API gateway, and we have seen lots of interesting developments in this space. Many users of Ambassador want to manipulate the request from an end user before it hits the backend services, and filters provide the perfect framework to do this.For example, do you want to add additional customer metadata to a request based on a customer ID header, cookie, or JWT? Do you want to remove inappropriate o...

Security Release: Ambassador 0.53 (Envoy Proxy CVE-2019-9900 and CVE-2019-9901)
2 months ago, ambassador

Security Release: Ambassador 0.53 (Envoy Proxy CVE-2019-9900 and CVE-2019-9901)We’re releasing Ambassador 0.53 today, which addresses two security issues in Envoy Proxy, both of which are rated as high severity. We recommend that all Ambassador users upgrade. These security fixes are also included in Envoy 1.9.1, which is also being released today.CVE-2019-9900 and CVE-2019-9901The two security issues addressed in this update.CVE-2019-9900 (Score 8.3/High). When parsing HTTP/1.x header values, E...

Canary Release Patterns for APIs, Applications, and Services with Ambassador
2 months ago, ambassador

With an increasing number of organisations adopting the Ambassador API Gateway as their main ingress solution on Kubernetes, we are now starting to see a series of patterns emerge in relation to continuous delivery and the testing and releasing of new functionality. The canary releasing pattern is one of the most popular, and so in this article I will outline a series of related sub-patterns, implementation details, and things to watch out for with this approach.Canary PrerequisitesThe canary re...

Ambassador Pro 0.3
2 months ago, ambassador

Ambassador Pro 0.3: new External filter type, Okta support, and moreWe’ve released Ambassador Pro 0.3 today. This update adds a number of features and fixes to Ambassador Pro. The following changes are part of 0.3:A new filter type, External, is now supported. External exposes the same AuthService interface to filters, enabling you to plug in existing AuthServices into the Ambassador Pro filter system without modification. The External filter type is documented in the Filter Reference.The reques...

Next